www.cardinalops.com Open in urlscan Pro
2606:2c40::c73c:671e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cthjm04.na1.hubspotlinks.com/Ctc/GE+113/cThJm04/VXbv1Z8Q37j_W5zYxD91zjDbrW6tdK5Q4Yn1-ZMDyKlX5knJmV3Zsc37CgHF9W911mln1gkW_wW3S...
Effective URL:
https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medi...
Submission: On March 20 via manual (March 20th 2023, 10:16:59 pm UTC) from US — Scanned from DE

Summary HTTP 87 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 24 domains to perform 87 HTTP transactions. The main IP is 2606:2c40::c73c:671e, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.cardinalops.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 21st 2022. Valid for: a year.

This is the only time www.cardinalops.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:440... 2606:4700:4400::6812:25d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:2c40::c7... 2606:2c40::c73c:671e	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:f0cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:9ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:215b:9000:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2248:4800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:de5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:480... 2a02:26f0:480:c::210:f194	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.242.17.147 54.242.17.147	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:8902:5bff:76db:b5d5	16509 (AMAZON-02) (AMAZON-02)
1	18.66.196.80 18.66.196.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
87	31

2 2606:4700:4400::6812:25d3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cthjm04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:2c40::c73c:671e (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.cardinalops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f0cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

203881.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7289101.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215b:9000:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2248:4800:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:de5a (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api-na1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:c::210:f194 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.242.17.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-17-147.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:8902:5bff:76db:b5d5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.196.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-196-80.mxp63.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	cardinalops.com www.cardinalops.com	601 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	605 KB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 6085 c.6sc.co — Cisco Umbrella Rank: 9062 ipv6.6sc.co — Cisco Umbrella Rank: 6570 b.6sc.co — Cisco Umbrella Rank: 4526	14 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	82 KB
4	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5247 track.hubspot.com — Cisco Umbrella Rank: 2140	2 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 3785 forms-na1.hsforms.com — Cisco Umbrella Rank: 6124	2 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1981	16 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 771 syndication.twitter.com — Cisco Umbrella Rank: 1148	132 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 11317 scout.salesloft.com — Cisco Umbrella Rank: 13430	4 KB
3	adroll.com s.adroll.com — Cisco Umbrella Rank: 2412 d.adroll.com — Cisco Umbrella Rank: 1215	22 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4449 forms.hscollectedforms.net — Cisco Umbrella Rank: 4631	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	87 KB
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 13669 tr.lfeeder.com — Cisco Umbrella Rank: 21632	12 KB
2	hubspotusercontent-na1.net 203881.fs1.hubspotusercontent-na1.net 7289101.fs1.hubspotusercontent-na1.net	123 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	7 KB
2	hubspotlinks.com 1 redirects cthjm04.na1.hubspotlinks.com	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1977	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 2929	3 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 381	815 B
1	hubapi.com api-na1.hubapi.com — Cisco Umbrella Rank: 20041	712 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4349	2 KB
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 7416	2 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3044	160 KB
87	24

	Domain	Requested by
21	www.cardinalops.com	cthjm04.na1.hubspotlinks.com www.cardinalops.com
8	www.gstatic.com	www.google.com www.gstatic.com
7	b.6sc.co	www.cardinalops.com
6	www.google.com	www.cardinalops.com www.gstatic.com www.google.com
4	fonts.gstatic.com	fonts.googleapis.com
3	track.hubspot.com
3	js.hs-banner.com	www.cardinalops.com js.hs-banner.com
2	forms.hsforms.com	www.cardinalops.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	platform.twitter.com	www.cardinalops.com platform.twitter.com
2	connect.facebook.net	www.cardinalops.com connect.facebook.net
2	s.adroll.com	www.cardinalops.com s.adroll.com
2	cdnjs.cloudflare.com	www.cardinalops.com
2	cthjm04.na1.hubspotlinks.com	1 redirects
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	forms-na1.hsforms.com	www.cardinalops.com
1	js.hs-analytics.net	www.cardinalops.com
1	js.hscollectedforms.net	www.cardinalops.com
1	js.hsadspixel.net	www.cardinalops.com
1	tr.lfeeder.com	www.cardinalops.com
1	d.adroll.com	s.adroll.com
1	syndication.twitter.com	platform.twitter.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	api-na1.hubapi.com	www.cardinalops.com
1	app.hubspot.com	www.cardinalops.com
1	7289101.fs1.hubspotusercontent-na1.net	www.cardinalops.com
1	fonts.googleapis.com	www.cardinalops.com
1	j.6sc.co	www.cardinalops.com
1	scout-cdn.salesloft.com	www.cardinalops.com
1	sc.lfeeder.com	www.cardinalops.com
1	ws.zoominfo.com	www.cardinalops.com
1	203881.fs1.hubspotusercontent-na1.net	www.cardinalops.com
1	cdn2.hubspot.net	www.cardinalops.com
1	platform.linkedin.com	www.cardinalops.com
87	36

This site contains links to these domains. Also see Links.

Domain
attack.mitre.org
msrc.microsoft.com
0xdf.gitlab.io
learn.microsoft.com
twitter.com
35.180.139.74
research.splunk.com
github.com
www.cert.ssi.gouv.fr
www.windows-security.org
www-cardinalops-com.sandbox.hs-sites.com
linkedin.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
www.cardinalops.com Cloudflare Inc ECC CA-3	`2022-11-21` - `2023-11-21`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.lfeeder.com Amazon RSA 2048 M01	`2023-02-28` - `2023-08-07`	5 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-16` - `2023-04-14`	a year	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-28`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Frame ID: EE5AE375A76C5E7F0B875386DE37C36C
Requests: 69 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.cardinalops.com
Frame ID: 5EAB27C33A8BDE6BE51394243158B35B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuY2FyZGluYWxvcHMuY29tOjQ0Mw..&hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&badge=inline&cb=21331iv07zkm
Frame ID: 2BC8AFDB912E4912A1CFED4DE0829623
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: FCD8C332845216BE2CEEBB9AB2BACB9C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detecting Microsoft Outlook Vulnerability CVE-2023-23397 in Splunk and IBM QRadar

Page URL History Show full URLs

https://cthjm04.na1.hubspotlinks.com/Ctc/GE+113/cThJm04/VXbv1Z8Q37j_W5zYxD91zjDbrW6tdK5Q4Yn1-ZMDyKlX5knJmV3Zsc37C... Page URL
https://cthjm04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/GE+113/cThJm04/VXbv1Z8Q37j_W5zYxD91zjDbrW6... HTTP 307
https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk... Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

100 %
HTTPS

84 %
IPv6

24
Domains

36
Subdomains

31
IPs

3
Countries

1927 kB
Transfer

4446 kB
Size

15
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://attack.mitre.org/groups/G0007/
Title: APT28

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
Title: CVE-2023-23397

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1550/002/
Title: pass-the-hash (PtH)

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1068/
Title: Exploitation for Privilege Escalation (T1068)

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1557/001/
Title: Adversary-in-the-Middle: LLMNR/NBT-NS Poisoning and SMB Relay (T1557.001)

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1187/
Title: Forced Authentication (T1187)

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1212/
Title: Exploitation for Credential Access (T1212)

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1003/001/
Title: OS Credential Dumping: LSASS Memory (T1003.001)

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1550/
Title: Use Alternate Authentication Material (T1550)

Search URL Search Domain Scan URL

URL: https://0xdf.gitlab.io/2019/01/13/getting-net-ntlm-hases-from-windows.html
Title: Getting Creds via NTLMv2 | 0xdf hacks stuff

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/office/client-developer/outlook/mapi/pidlidreminderfileparameter-canonical-property
Title: PidLidReminderFileParameter

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/office/client-developer/outlook/mapi/pidlidreminderoverride-canonical-property
Title: PidLidReminderOverride

Search URL Search Domain Scan URL

URL: https://twitter.com/wdormann/status/1636497737528102912/photo/2
Title: Will Dormann on Twitter: "So, all of this wondering about how to send a "rich" calendar invite over SMTP is moot. The actual exploit for CVE-2023-23397 is an IPM.Task item with 0x851F (PidLidReminderFileParameter) set. This is just fine as a TNEF attachment over SMTP. https://t.co/yGSiR4B6wh https://t.co/7GIvb6zGlA" / Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/wdormann/status/1636741880674222081/photo/1
Title: Will Dormann on Twitter: "So, all of this wondering about how to send a "rich" calendar invite over SMTP is moot. The actual exploit for CVE-2023-23397 is an IPM.Task item with 0x851F (PidLidReminderFileParameter) set. This is just fine as a TNEF attachment over SMTP. https://t.co/yGSiR4B6wh https://t.co/7GIvb6zGlA" / Twitter

Search URL Search Domain Scan URL

URL: http://35.180.139.74/file/sound.wav
Title: http://35.180.139.74/file/sound.wav

Search URL Search Domain Scan URL

URL: http://35.180.139.74/share
Title: http://35.180.139.74/share

Search URL Search Domain Scan URL

URL: https://research.splunk.com/endpoint/6c135f8d-5e60-454e-80b7-c56eed739833/
Title: https://research.splunk.com/endpoint/6c135f8d-5e60-454e-80b7-c56eed739833/

Search URL Search Domain Scan URL

URL: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1218.011/T1218.011.md#atomic-test-11---rundll32-with-ordinal-value
Title: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1218.011/T1218.011.md#atomic-test-11---rundll32-with-ordinal-value

Search URL Search Domain Scan URL

URL: https://github.com/elceef/yara-rulz/blob/main/rules/Outlook_CVE_2023_23397.yara
Title: yara-rulz/Outlook_CVE_2023_23397.yara at main · elceef/yara-rulz (github.com)

Search URL Search Domain Scan URL

URL: https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-DUR-001_pic2.png
Title: https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-DUR-001_pic2.png

Search URL Search Domain Scan URL

URL: https://www.windows-security.org/c526612a90004088b250158bc5e7dc2d/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote
Title: https://www.windows-security.org/c526612a90004088b250158bc5e7dc2d/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level
Title: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level

Search URL Search Domain Scan URL

URL: http://www-cardinalops-com.sandbox.hs-sites.com/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/cardinalops/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cthjm04.na1.hubspotlinks.com/Ctc/GE+113/cThJm04/VXbv1Z8Q37j_W5zYxD91zjDbrW6tdK5Q4Yn1-ZMDyKlX5knJmV3Zsc37CgHF9W911mln1gkW_wW3SGS4p2WJ3SjW2tgLDz3l8mx0W8nzTtJ3hWyscW28J8ry8t6qVLN6T05Rz4gwdrW4djW6K25rw6GW1dvY-M633kSWW1tzRVD8krHflN91-kvCqWD1lW3XvX3w46Bt4KW9ht6S36dc2DDN6Qm8jY2_LFwN38gMYhHN-j8W8RRf-P4JwLDqVVL_JH7HxvQLV54Wk92S9jnLVMYwxb5plzCKN3NVC36HF_9dN63yTH_1jQTZN1sls33kr0NzW2ry1N17SjRV8W3Dk2Y877lGr_W2Nwk7l4hr9FrW39Cgpv5qpzjxW3TSJP31Nr7FnW3jhsSt3MW8dZW1QDzpX6PhjSzW7nzwZG1lb-r8N8F7Q-MNmWgDW71qKh93Xq0GsW2KxT1w3r41VCN7TYlk07RFS4W7xs5mD79Hn2K32Jz1 Page URL
https://cthjm04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/GE+113/cThJm04/VXbv1Z8Q37j_W5zYxD91zjDbrW6tdK5Q4Yn1-ZMDyKlX5knJmV3Zsc37CgHF9W911mln1gkW_wW3SGS4p2WJ3SjW2tgLDz3l8mx0W8nzTtJ3hWyscW28J8ry8t6qVLN6T05Rz4gwdrW4djW6K25rw6GW1dvY-M633kSWW1tzRVD8krHflN91-kvCqWD1lW3XvX3w46Bt4KW9ht6S36dc2DDN6Qm8jY2_LFwN38gMYhHN-j8W8RRf-P4JwLDqVVL_JH7HxvQLV54Wk92S9jnLVMYwxb5plzCKN3NVC36HF_9dN63yTH_1jQTZN1sls33kr0NzW2ry1N17SjRV8W3Dk2Y877lGr_W2Nwk7l4hr9FrW39Cgpv5qpzjxW3TSJP31Nr7FnW3jhsSt3MW8dZW1QDzpX6PhjSzW7nzwZG1lb-r8N8F7Q-MNmWgDW71qKh93Xq0GsW2KxT1w3r41VCN7TYlk07RFS4W7xs5mD79Hn2K32Jz1?_ud=9ea7a2a4-791b-4f66-925e-69011d3e0fe9&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VXbv1Z8Q37j_W5zYxD91zjDbrW6tdK5Q4Yn1-ZMDyKlX5knJmV3Zsc37CgHF9W911mln1gkW_wW3SGS4p2WJ3SjW2tgLDz3l8mx0W8nzTtJ3hWyscW28J8ry8t6qVLN6T05Rz4gwdrW4djW6K25rw6GW1dvY-M633kSWW1tzRVD8krHflN91-kvCqWD1lW3XvX3w4...
cthjm04.na1.hubspotlinks.com/Ctc/GE+113/cThJm04/ 8 KB
3 KB 431ms
401ms Document
text/html 2606:4700:4400::6812:25d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cthjm04.na1.hubspotlinks.com/Ctc/GE+113/cThJm04/VXbv1Z8Q37j_W5zYxD91zjDbrW6tdK5Q4Yn1-ZMDyKlX5knJmV3Zsc37CgHF9W911mln1gkW_wW3SGS4p2WJ3SjW2tgLDz3l8mx0W8nzTtJ3hWyscW28J8ry8t6qVLN6T05Rz4gwdrW4djW6K25rw6GW1dvY-M633kSWW1tzRVD8krHflN91-kvCqWD1lW3XvX3w46Bt4KW9ht6S36dc2DDN6Qm8jY2_LFwN38gMYhHN-j8W8RRf-P4JwLDqVVL_JH7HxvQLV54Wk92S9jnLVMYwxb5plzCKN3NVC36HF_9dN63yTH_1jQTZN1sls33kr0NzW2ry1N17SjRV8W3Dk2Y877lGr_W2Nwk7l4hr9FrW39Cgpv5qpzjxW3TSJP31Nr7FnW3jhsSt3MW8dZW1QDzpX6PhjSzW7nzwZG1lb-r8N8F7Q-MNmWgDW71qKh93Xq0GsW2KxT1w3r41VCN7TYlk07RFS4W7xs5mD79Hn2K32Jz1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:25d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7ab1526e1d56bb47-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 20 Mar 2023 22:16:52 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-hubspot-correlation-id: 153a62f8-0336-408e-8948-a00c5ebdfd27
x-robots-tag: none

GET
H2

200

Primary Request detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar Show response
www.cardinalops.com/en/resources/
Redirect Chain

https://cthjm04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/GE+113/cThJm04/VXbv1Z8Q37j_W5zYxD91zjDbrW6tdK5Q4Yn1-ZMDyKlX5knJmV3Zsc37CgHF9W911mln1gkW_wW3SGS4p2WJ3SjW2tgLDz3l8mx0W8nzTtJ3hWy...
https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_yS...

61 KB
16 KB

233ms
182ms

Document
text/html

2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email

Requested by

Host: cthjm04.na1.hubspotlinks.com
URL: https://cthjm04.na1.hubspotlinks.com/Ctc/GE+113/cThJm04/VXbv1Z8Q37j_W5zYxD91zjDbrW6tdK5Q4Yn1-ZMDyKlX5knJmV3Zsc37CgHF9W911mln1gkW_wW3SGS4p2WJ3SjW2tgLDz3l8mx0W8nzTtJ3hWyscW28J8ry8t6qVLN6T05Rz4gwdrW4djW6K25rw6GW1dvY-M633kSWW1tzRVD8krHflN91-kvCqWD1lW3XvX3w46Bt4KW9ht6S36dc2DDN6Qm8jY2_LFwN38gMYhHN-j8W8RRf-P4JwLDqVVL_JH7HxvQLV54Wk92S9jnLVMYwxb5plzCKN3NVC36HF_9dN63yTH_1jQTZN1sls33kr0NzW2ry1N17SjRV8W3Dk2Y877lGr_W2Nwk7l4hr9FrW39Cgpv5qpzjxW3TSJP31Nr7FnW3jhsSt3MW8dZW1QDzpX6PhjSzW7nzwZG1lb-r8N8F7Q-MNmWgDW71qKh93Xq0GsW2KxT1w3r41VCN7TYlk07RFS4W7xs5mD79Hn2K32Jz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5322b28c9b246ed04af84842869d9e3c5137259e758f0a0260ad57a9ad090216

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cthjm04.na1.hubspotlinks.com/Ctc/GE+113/cThJm04/VXbv1Z8Q37j_W5zYxD91zjDbrW6tdK5Q4Yn1-ZMDyKlX5knJmV3Zsc37CgHF9W911mln1gkW_wW3SGS4p2WJ3SjW2tgLDz3l8mx0W8nzTtJ3hWyscW28J8ry8t6qVLN6T05Rz4gwdrW4djW6K25rw6GW1dvY-M633kSWW1tzRVD8krHflN91-kvCqWD1lW3XvX3w46Bt4KW9ht6S36dc2DDN6Qm8jY2_LFwN38gMYhHN-j8W8RRf-P4JwLDqVVL_JH7HxvQLV54Wk92S9jnLVMYwxb5plzCKN3NVC36HF_9dN63yTH_1jQTZN1sls33kr0NzW2ry1N17SjRV8W3Dk2Y877lGr_W2Nwk7l4hr9FrW39Cgpv5qpzjxW3TSJP31Nr7FnW3jhsSt3MW8dZW1QDzpX6PhjSzW7nzwZG1lb-r8N8F7Q-MNmWgDW71qKh93Xq0GsW2KxT1w3r41VCN7TYlk07RFS4W7xs5mD79Hn2K32Jz1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 7ab15271eb10bb80-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 20 Mar 2023 22:16:52 GMT
edge-cache-tag: CT-107207374881,CG-38657700032,P-7289101,L-38461740685,L-38655206523,L-42303734410,W-42303723430,CW-38437140924,E-38442858740,MENU-42303723430,PGS-ALL,SW-0,B-38657700032,GC-38462611459,GC-42655339610
etag: W/"37dabb012f76e721cf327f96ce744663"
last-modified: Mon, 20 Mar 2023 15:26:38 GMT
link: </hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js>; rel=preload; as=script,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZl8sWkJ8IRYKkw0iXtvSi68LqM18JCwoL0VoHpctTny%2BQ8oJYMoIfqkqHvOeN23QmsZLYYa3KvlXiwZJBuI0fE15ifEixpKNZEnwpYyN04v2j2RpaGqqEZN75QkLxHZ6Fg0UhFGBrWZB0n5toWX%2FF4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: MISS
x-hs-content-id: 107207374881
x-hs-hub-id: 7289101
x-hs-prerendered: Mon, 20 Mar 2023 15:26:38 GMT

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7ab15270b8b4bb47-FRA
date: Mon, 20 Mar 2023 22:16:52 GMT
link: <https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email>; rel="canonical"
location: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-hubspot-correlation-id: 2e551228-dc80-40d6-977b-9e808f187142
x-robots-tag: none

GET
H2 200 comment_listing_asset.js Show response
www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/js/ 8 KB
3 KB 38ms
36ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

043cfebfa4ec302e0368eadbae54853a5b6caff633b3d1e02a32f2cd2f71e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 4D3b_.jtdSCbU1XTktruWk73HT0wxWk7
age: 23377272
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:09 GMT
server: cloudflare
etag: W/"2455723721db341ff86a4f64384a9c0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIva4ffJ1JjgPmoNVNhXtaCMAWor6BWuvftBzWYorFdnNFubDAn0ZlGnS0dC10lJF6vUOQ4VZYA66SSM%2B8QU5cCoaHZvdCYhKWg6%2FytTbuIWXx6xnOd9wtTXrhb6F5bhefFoA4d%2FQq4mWy9eWd1dzNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab152731c9abb80-FRA
x-amz-cf-id: SzHRsATbbG9l9SHebBid9UwwRMiVBmwXHI2fdCvE18Q4Lpffn0uBBw==
expires: Tue, 19 Mar 2024 22:16:53 GMT

GET
H2 200 project.js Show response
www.cardinalops.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 40ms
35ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 d6af36beca3f7783d95ace5e26a5af90.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
age: 4720208
x-amz-cf-pop: DFW55-C3
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uymQab8GvPWma404AccIh%2BueUCJsrMZJH8tsbh59McUmqzYk6BoPDUA8SYUKJNdQKEZIaz5E6%2Bm8LFFRiJg4wHLyPi3zd6QdBEiC5wykhKn5ynETFjKbnHIO3WV0%2Fb%2BQcgzUvimP3ZdM8BHXYJVx42Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab152732c9bbb80-FRA
x-amz-cf-id: wNaXQtIqGZm1_-PG4oCgAM-qPXSj8aubvUdgn4HsA3d1Llnfo1zPYw==
expires: Tue, 19 Mar 2024 22:16:53 GMT

GET
H2 200 index.js Show response
www.cardinalops.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/ 11 KB
4 KB 48ms
43ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 51b6f8f9e6a4ed138b0c486aecbc264c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: zqfoHVEO7SsMjSP1JrsnDQf9ix87l6qJ
age: 3393039
x-amz-cf-pop: HEL50-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Feb 2023 15:43:08 GMT
server: cloudflare
etag: W/"d57b3d84e0be8dd0aef0781d100c0d14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bhPBHhB0XBpxlgOts%2FwyB11H5PvjhTYqNUrj7fsLkI8TVIjXQOZ76HQqCzeRq64LA8wi8DiEjTed1GpRNlyb7X%2Fyn%2BlPXhFRShRu36hmAy6zlZotqgPzjnVAh9ipvBZlDXMtELaEx9%2F%2B7FiDPVNFNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab152732c9cbb80-FRA
x-amz-cf-id: b41iXl-Mita9ymWj2NqujpwtmA5d3QgUfYuRHAAGkrWkPU26I4rhsg==
expires: Tue, 19 Mar 2024 22:16:53 GMT

GET
H2 200 project.js Show response
www.cardinalops.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 38ms
34ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
age: 23379945
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02MoCNrDSb0lrRpXCu%2BEB3tpMPI%2FlRnKZHxz4BllJkw1VTDkb2sM20LQyotCYGgYk71AAIlUx8pwHcOYIGBHDarVcNeGDcXstrYaeSSvoqVYVAjd5yDh5MLXKPt1x0nk1stKmU1MEXrYuZ8E52Zy%2FqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab152732c9ebb80-FRA
x-amz-cf-id: tyTcy9dgKTSNID40zzq7pAE5RO6j0NXSyXm_SEcHdFKq3bYxrnlF3A==
expires: Tue, 19 Mar 2024 22:16:53 GMT

GET
H2 200 post_listing_asset.js Show response
www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/js/ 3 KB
2 KB 41ms
37ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: nC1hzr07YsutChb9rCwKsMoiyxip8lR7
age: 4720079
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:10 GMT
server: cloudflare
etag: W/"d95d7dafd49a1edc76a47120c287b579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtReH3WQGURwuKNX5%2BP2mC0pfGMGccXO0vvpsTc5KztRluF3fdCtX2h2FZxlZn%2FJGnZgrMywizVENyEhLPILNxMxo2fxXdC5JmhXqumRcO1whIsrtICRxikK8he4z2Stzi8%2BbX%2BeW9PHSId3vFJavXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab152732c9fbb80-FRA
x-amz-cf-id: INLC28-S2KFR-6xPKGXGkAHBQ8FXNbXnTSNgxaKoT4vj0frVV8g2yg==
expires: Tue, 19 Mar 2024 22:16:53 GMT

GET
H2 200 v2.js Show response
www.cardinalops.com/_hcms/forms/ 509 KB
166 KB 40ms
36ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec5f7597c123181788fd043c205d990937daab3c1565e7df4ba16d47f030c160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2wXcdIzl9WRVTrxeR26mvDAXbt4ZcTF6
age: 530
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2802/bundles/project-v2.js&cfRay=7ab1458340988fda-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Mar 2023 01:33:37 UTC
server: cloudflare
etag: W/"ae0386c025bb39c5f937fe3f182d3e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlVfc7DA3QFtmv2ZbMPijHATuFSRCOUBm3MW7HQHyfq5mNLtbvvp6KMdIqAcOne4bA%2FLjo0Yci6CDyiXc9p%2FVH5a7KTsDnoA1IVwNa2f1ZTvmrpFyT0F7IPVdksnQ6PCpgMxfsO1smEIhV1LzsGl6kg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7ab152732ca0bb80-FRA
x-amz-cf-id: vCBk_jYeh6uAuGDMBBVFZAetGKAV94StM1uuyi-qunt8bbULIOSXdA==
x-hs-target-asset: forms-embed/static-1.2802/bundles/project-v2.js

GET
H2 200 jquery-1.7.1.js Show response
www.cardinalops.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 37ms
34ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: www.cardinalops.com
URL: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 64585853437a64d04c376ce448746668.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: null
age: 4718680
x-amz-cf-pop: DFW55-C3
content-encoding: br
x-cache: Hit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBWAgdmvUFWw2STCngBJvWEotkVeGXHbMZhSS2VOwIHzxMUBYjSWcBAfVOTILO2%2B21df7tW7sPYgd8k1jGQAoQjGUIFuKoGuCHNcKM1BW4eI6Ih%2Be8Y08STfPh8nTPHOl31WKEfNLaUYRhXT3Jp%2FPBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab152732ca6bb80-FRA
x-amz-cf-id: ORGj_fS451Qgx4lMQ9IiibpdvFLtioQjBopMXBc7nU4U7YwRQwh2Eg==
expires: Tue, 19 Mar 2024 22:16:53 GMT

GET
H2 200 comments_listing_asset.css
www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/sass/ 1 KB
1 KB 35ms
32ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/sass/comments_listing_asset.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed92c951c39983af4f5fac78a5bab4c390b3faf7c46e2a35256ee38f5443ffa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: LQgaE1SSZjkxZtePb5jE9vLc6kDw7LTx
age: 4719404
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:10 GMT
server: cloudflare
etag: W/"6b1d31d121f4c84e5ee3b7d7446495d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn2yw853F7oFPMJjYS0zoTZHpe%2FU9%2F1y%2BpD5V8rCjGsbYoiEIIH2Iw321VRtBz2r%2Fca0dLlfPG9n9MPSmeEPmpD0VlfmiWMmAc7hYB2FRvO5vnvgPrdCj7ZETgv6Sr553jc0xNuDunZFmbj%2BqKCPsBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7ab152732ca2bb80-FRA
x-amz-cf-id: jvw1aIBpKxMe1gtCo3RtPwWQRh8SfQhP1TY1uXm4WfIYCFWKK0Z-Sg==
expires: Tue, 19 Mar 2024 22:16:53 GMT

GET
H2 200 rss_post_listing.css
www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/sass/ 910 B
867 B 41ms
39ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/sass/rss_post_listing.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: YluxiXaQWSQWC28IUPv3NXYXDi68ylxl
age: 4720123
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:10 GMT
server: cloudflare
etag: W/"e1b521ec14a912d6d385c21388ec7d79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvRMQ5yuqbnrvEJ7L9Be5t0WJP4wvxTryKJUE80qOVv1Tu%2Fp4V5L7tpnhMXFm9VanXZWwKsGf7RUVs49jBSoZUbzvGKaj9FfEJVF9rDrB7ynIBP%2Bah%2B47I2jemWy5mU9pQHXYNQENHvZwzLGhIXNrNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7ab152732ca4bb80-FRA
x-amz-cf-id: wRPq4gRubIHzANgCAz0wyem-7EHBI0sWOKp6XwIsrLR6avpBMEzHMA==
expires: Tue, 19 Mar 2024 22:16:53 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/ 509 KB
160 KB 220ms
7ms Script
text/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Play /

Resource Hash

0498b01282b4876d7d7f5502d62ea3764ec0039db75f1d5acd33acae2c63a040

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
server: Play
x-li-pop: prod-ltx1-x
x-cdn: AKAM
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-ltx1
cache-control: public, max-age=3600
x-li-proto: http/1.1
content-length: 163382
x-li-uuid: AAX3W+uNHLWWgrtlEHk58A==
expires: Mon, 20 Mar 2023 22:50:49 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1679321773829/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 72ms
45ms Stylesheet
text/css 2606:4700::6811:f0cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1679321773829/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28794
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 20 Mar 2023 14:16:15 GMT
server: cloudflare
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679321774855
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmDKrc0vkfliYXL2YRNZhwVL1m32YxoIbgJOuw9xO%2FSgVDDEZghnp58RhfI%2FxY%2FioNdHlu74WtheLlKBS15K07xhzYNzYu%2FcNksnZcnUiNexV8yEMe3wXoufDPnXNLyDR8DUvqsJ%2F0267c1GW5Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab15273481d3a49-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 Style.min.css
www.cardinalops.com/hs-fs/hub/7289101/hub_generated/template_assets/38442858740/1668147745420/Cardinal_Ops_Site_Dec_2020/Coded_Files/ 37 KB
9 KB 311ms
309ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs-fs/hub/7289101/hub_generated/template_assets/38442858740/1668147745420/Cardinal_Ops_Site_Dec_2020/Coded_Files/Style.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d819896f9525403a02aa283534db0b35227f1d0a690568b9bce83b70cfdbe1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Vq5emFGkQhvypP7ESqirHHU6fggFBiF3
x-amz-cf-pop: IAD89-P1
x-amz-request-id: Z6FQXESW8FMW7PRA
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VX+nNuF0gCWSnxiIhOapL4M3YWSKcafVj/tAjhUcYnlaQYK0fY+Jk4vQyAc6SL8YvqxkeT/3BmA=
last-modified: Fri, 11 Nov 2022 06:22:27 GMT
server: cloudflare
etag: W/"e16e0ededc7866a0913609fa947dccd7"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1668147746553
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZK1VSPR6dwUc%2B%2FOLMhdkOZhnNROTmMDAN0tURkr%2FLS2jXjL2n3TUZXX8nL%2BEPqMrU0HYj0pFUlIXRgecwExIrWcPCEKIllcdJn3RUqPRckL76fZ9MGg%2F7aLl%2Fhc68CCOYZGlHZHRPi6dUb0LCyqRFk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab152732ca5bb80-FRA
x-amz-cf-id: De4qpFqx0LuYg1uMYQCIeHAoYI7pbQ7gMUAgpwPDQClEozEKhSFo1Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 31ms
12ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3886883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIOoi2Ur6PHZzVRJV5e6gC4mIgWjkyE6Uh%2BY%2BLadNFjxp30hHgZekh%2F2ixXEXTGTb%2B9ulDttspIrFzBwJ4ZrZtj8gc9A5P%2Bf8hVG%2BJff0YUAbumZYih1bQ7NCyq8xrjv9eQWMSPTYC3BHzZEHOtkmgJ%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ab152733bb75b74-FRA
expires: Sat, 09 Mar 2024 22:16:53 GMT

GET
H2 200 matchHeight-min.js Show response
www.cardinalops.com/hubfs/Cardinal%20Ops%20Source%20Files/ 3 KB
2 KB 659ms
658ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hubfs/Cardinal%20Ops%20Source%20Files/matchHeight-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

78bf574ab08e486536edf0d68a5b2cad93e9dcad0345e255e3428c51b6fc409e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-38451552542,FD-38451524788,P-7289101,FLS-ALL
x-amz-request-id: NG1TTZ7B8XVJFCS7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38451552542,FD-38451524788,P-7289101,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"4d9a91bb66cfabd87602261b4b33d26a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607339966590
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7_y_n6uN9bPMyrBZf7fqU4x9vPgxhgfw
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38451552542,FD-38451524788,P-7289101,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hOUJWOQIUudVALuKNKVwiw1AubYMNXkGYDID6kdaFiEGRLxBG+Z76PLQsig2xTybi8Upj02QhfM=
last-modified: Mon, 07 Dec 2020 11:19:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZQ9HEj%2BP%2FnOgb02VkUgv2e6cb7i3bbgjXjb5ujhRuQWAgjr6%2Fys%2BWyzytw%2BiK%2BhGZEfED9v7GrS4av6Yy0NPEhzI%2FqfUz9%2FRaj7XFanvrJKOF%2FbVGuQveHIXB5CyZy3yHO7Rj9bwWdNfat2dg4zssU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab152732cb1bb80-FRA
x-amz-cf-id: pL4Q0ied9tWSDYzCM6JoFwM3BJjztug1pBuKyCnK4WY3wU_2lwZhNw==

GET
H3 200 logo-white.png
www.cardinalops.com/hubfs/ 5 KB
7 KB 862ms
861ms Image
image/png 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cardinalops.com/hubfs/logo-white.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4a9207d77e55213442f3540d2fbd16daf168e4c736b2a84fe8601ba11495374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-38446259784,P-7289101,FLS-ALL
x-amz-request-id: NG1ZTC8MQBPZD2JW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38446259784,P-7289101,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "d9244dd47090b1e89ae81b3173726be3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607334171065
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: uq5hv_ATcgplfjqWYKQjUDs5R4XUk0az
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38446259784,P-7289101,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5599
x-amz-id-2: d4c+PIuvFw4ZinpPpKgbadnPqqp5F74J3AkkF95QdPYrVx4NERyW4TIcmLdz7gwbjUV9imAM860=
last-modified: Mon, 07 Dec 2020 09:42:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knofHJEn5UrOoQXL%2FMMc75WFUdNiFeBSmgGJPPNj1%2BxYdsWDa09gNPq2FchRwjHqmYnO69SHnYhmp2uiCGc6POAnJlxcWxphweWJLdRb52K4wY56hbrOhMjuohTc7GRKfP5H6LtQixDDb2KgWUOk%2FWs%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7ab152766cfabbce-FRA
x-amz-cf-id: BruXqmS0oMD4MhdTnoPmdDc1XheRhKW871d11mMGqiGprdxU7MmhCQ==

GET
H2 200 jquery.fullPage.min.css
cdnjs.cloudflare.com/ajax/libs/fullPage.js/2.7.8/ 3 KB
1 KB 15ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fullPage.js/2.7.8/jquery.fullPage.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a21dd1482b39f53208d768481230524b82fc600b8090919964b9aedcd38b642

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 953322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 883
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-d1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avB0dNNhD3e2mkJLt%2BJm29bKiDIM4c2keCuZqRIkJbCQwuASyhY9UjlqIsosJhJLs83sPMkCDY2gjjsIr4XHsZiaBhcMJ8RjEncaU9Qbx05HxNLtzZDOJ24w1JbW4JJA60j7M4TzuJKw77ZTIgNnga0J"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ab152751cdf5b74-FRA
expires: Sat, 09 Mar 2024 22:16:53 GMT

GET
H2 200 fullpage.js Show response
203881.fs1.hubspotusercontent-na1.net/hubfs/203881/iconn-2019/files/ 107 KB
25 KB 134ms
99ms Script
application/javascript 2606:4700:4400::ac40:9ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://203881.fs1.hubspotusercontent-na1.net/hubfs/203881/iconn-2019/files/fullpage.js
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0401f0469b6626eea5e1b982a79d8820ce4685af12b2a5174c4723af05212455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
via: 1.1 acedc7c6cea590be7de3f8c4ac455bac.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-7488609512,FD-7488397436,P-203881,FLS-ALL
x-amz-version-id: fbuj8YjoNUBlrYF7izEjLRJ3LftKoUSv
age: 29814
x-amz-cf-pop: TLV50-C2
x-amz-request-id: APYPF8N92Y00AFMV
edge-cache-tag: F-7488609512,FD-7488397436,P-203881,FLS-ALL
cache-tag: F-7488609512,FD-7488397436,P-203881,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-id-2: d35+9CO710GEOrpqV5FRon/hBH1NfDvTGrBj5LIR5qiXIjUXdxJbRIrEUYu6hzIVVTl8QkLgc7I=
last-modified: Fri, 08 Feb 2019 09:31:13 GMT
server: cloudflare
etag: W/"9a5560301f09ee821bb5085357ac5d47"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 7ab15275cf859bf4-FRA
x-amz-cf-id: 3yuMkRwjwOIAeG6mml55x7_prreD5Y_HoWZtbk7iqZaYMiWmn4ZDDA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 CardinalOps%20logo-White-White.svg
www.cardinalops.com/hubfs/ 4 KB
3 KB 858ms
858ms Image
image/svg+xml 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cardinalops.com/hubfs/CardinalOps%20logo-White-White.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb862724b9ac47477b69fde6c916b0f4bbf234cc10ba46feb2d5b33da33d6308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-39847661609,P-7289101,FLS-ALL
x-amz-request-id: EFPH1TQXWFGH3GG1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-39847661609,P-7289101,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"bcddfc362f6c21fc326162a2b3b4a806"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1609864220742
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: jvxgMBHkNU40iQa9LAsa0BS5OZ1eaxeO
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-39847661609,P-7289101,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qm7+9xRjC53IVMs70g5jg9a32xekQh8gY+RqnjI71Enj0Eo2TkmIr9JDFUmCicbkNY170rzyJsI=
last-modified: Tue, 05 Jan 2021 16:30:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKXYRyIpDhS0LmQqD9oQbdcOcXbtwT8JgUkjoUltABOqLsFHkJfcp9HQ7FAUvWH7TBVmSBdr1qSwmkeI%2BitCuvLQMw16s%2F8D%2BDrKmuc8C%2BYaTkuMrjUlkCc7pVb5%2BmM%2BLP9wkpa9iirQHTwpiiyYeOc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab152774e06bbce-FRA
x-amz-cf-id: nziJkFlzyhnzRPlZ3cZwpLcPZ0qVZYrfdj0MiG2-7GEAuxUqOqQWwA==

GET
H3 200 soc-2_logo.png
www.cardinalops.com/hubfs/ 131 KB
132 KB 818ms
817ms Image
image/png 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cardinalops.com/hubfs/soc-2_logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2954c5d54a0dbe2847c0d06d59c08d2f6e919bc944f24d825c946251d05770d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-65410476325,P-7289101,FLS-ALL
x-amz-request-id: R6AD1HX1GWN6Z17E
x-amz-server-side-encryption: AES256
edge-cache-tag: F-65410476325,P-7289101,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "390941d5dfbc86ac17ae771777c680c3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1643892914158
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 999NqZ7RrNSPiorHctdmT.kGzZivepe.
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-65410476325,P-7289101,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 134183
x-amz-id-2: 4DgQYjJBG10dCaA3PzbgATPbYjgxdltbR7lnvIei/AlTEKoFTr7swochiVWXh/2FWeUlGysGBFs=
last-modified: Thu, 03 Feb 2022 12:55:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBprfGO5IicQrDFmOWGR%2FQ%2FypjB4L%2BDk4Q50ZrcowIewlh0T3ztEaoHFrTnAtauxPIt5Do0MDM0rmlNj6P6Jnkvy3sAYHz%2FGQLE8%2FjyVvSm6TVZ%2FgoOjJWkRSzIRPQYs%2BheaUyxHNl%2Ftbw36rYI8MPA%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7ab152774e0bbbce-FRA
x-amz-cf-id: BwVT23eavAc823Eh4Md-2kpYuI5MwQLZ_UkM6PPC6hwFCnrWo8XCsQ==

GET
H3 200 7289101.js Show response
www.cardinalops.com/hs/scriptloader/ 2 KB
1 KB 394ms
392ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/hs/scriptloader/7289101.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

db6b2380d521be1ad8ae8659b8baafd2becdc75b4051b343800ad8ed183d4823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 24245198-c9f2-4e25-95fe-072ed984e377
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 20 Mar 2023 22:16:54 GMT
server: cloudflare
x-trace: 2B8F16F6667807EA4B4F59F31C5FFB73202B30ED32000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cardinalops.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awwZU17FnXfFwIf%2BZBzbDyqHNhS%2FmqWFR6w8UvfqkNL9%2BtWQtAV9APr4l9zl3EYUckN6AcDQd9tp0EoVuqd33ju7Bv0Nje6OQlL4iilWbLgjS%2BmxNdplHRgR8rK%2BCyc88NV4U4f5sKsew8U8shU3N1g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7ab152774e0ebbce-FRA
expires: Mon, 20 Mar 2023 22:17:54 GMT

GET
H2 200 6206b760589e15001564f82d Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 230ms
150ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6206b760589e15001564f82d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4fdfa5dc5c087f197a885da4869600323c85ed4227d765a1cb81fdde5ee61eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7ab15277c9d99a1e-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lftracker_v1_YEgkB8lPvyM8ep3Z.js Show response
sc.lfeeder.com/ 32 KB
11 KB 140ms
25ms Script
application/javascript 2600:9000:215b:9000:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_YEgkB8lPvyM8ep3Z.js
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215b:9000:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8f7aae7a572a8f023d5ea8237579380e136f9d4f6dd31abe1fb8f91c67f8bd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: odzwe3Q3xC_f9ZSLUChHBF03mQ9jtTjm
content-encoding: gzip
via: 1.1 a0f4468818f72f22dc199419b0ebbcc6.cloudfront.net (CloudFront)
date: Mon, 20 Mar 2023 21:26:05 GMT
last-modified: Mon, 13 Mar 2023 07:07:19 GMT
server: AmazonS3
x-amz-cf-pop: LHR62-C2
age: 3049
etag: W/"22466641e4aa2922a57fce6809f5029e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: kZOwji4xkwTm0dhBDUIhJ5uEaUjeM9pBzQxnkFuKjbKloIoyw0uShw==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/4U7EH3L46JBUBGMZEC4ZHM/ 71 KB
21 KB 103ms
20ms Script
text/javascript 2600:9000:2248:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/4U7EH3L46JBUBGMZEC4ZHM/roundtrip.js
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0889191f0926e9ff6d0b3361134127f61215e494780640fe24052f7c67e4a515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id: B3XLfgyvlDbuqXYueGsFtSWo3nMcqYH3
Content-Encoding: gzip
Via: 1.1 61beea9b7a54f47fca4ae4dea3f52fa2.cloudfront.net (CloudFront)
Date: Mon, 20 Mar 2023 21:40:44 GMT
Age: 2170
X-Amz-Cf-Pop: MXP63-P3
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 17 Mar 2023 21:08:03 GMT
Server: AmazonS3
Etag: W/"4369e9972448c60558d75ba1c8716573"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: kbPYzgTzNvuAuI3PtJ1oNcoKDmToT_fH-OGxELQa2W44enKCfsx3Bw==

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 99ms
16ms Script
application/javascript 2606:4700::6812:de5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:de5a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: 8QQ075F43AV5NM50
age: 4135
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xGy+Qa9YPBSCqOzKzJZn/Ui36wwqSNnUw2G5hF/1oKoRyGsyrK3SRuCZWVRRaDKGhPYukzZSxaYVEKvdJOONjg==
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7ab15277cf63912b-FRA
expires: Tue, 21 Mar 2023 02:16:53 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 92ms
7ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

0d9dbf31d05263a24eb79aaf7c6e26917c6ccd31b642bb4a1d34292e25daa405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 22:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Mar 2023 21:36:45 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "640a516d-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Mon, 20 Mar 2023 22:16:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 74ms
35ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Encode+Sans:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.cardinalops.com
URL: https://www.cardinalops.com/hs-fs/hub/7289101/hub_generated/template_assets/38442858740/1668147745420/Cardinal_Ops_Site_Dec_2020/Coded_Files/Style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2a4ad68dd2204384720e168ac5b439d77ec69a42c0469f32a38f268f9595936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/hs-fs/hub/7289101/hub_generated/template_assets/38442858740/1668147745420/Cardinal_Ops_Site_Dec_2020/Coded_Files/Style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 22:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 22:09:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 22:16:53 GMT

GET
H2 200 COps-web-texture2.jpg
7289101.fs1.hubspotusercontent-na1.net/hubfs/7289101/ 98 KB
99 KB 952ms
941ms Image
image/jpeg 2606:4700:4400::ac40:9ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://7289101.fs1.hubspotusercontent-na1.net/hubfs/7289101/COps-web-texture2.jpg
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/hs-fs/hub/7289101/hub_generated/template_assets/38442858740/1668147745420/Cardinal_Ops_Site_Dec_2020/Coded_Files/Style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 627c6c6d415c58167309608c305b2d84f1007f865fec6f8576b61c0342345b46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cache-tag: F-38656047947,P-7289101,FLS-ALL
x-amz-version-id: hedQ6Ifl.EV_o.HnRyIUFiXBDpwKi79a
x-amz-cf-pop: FRA56-P7
x-amz-request-id: Z5B5A1D2CRW9251G
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
edge-cache-tag: F-38656047947,P-7289101,FLS-ALL
cache-tag: F-38656047947,P-7289101,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 100371
x-amz-id-2: OtOxrWSkjF5M1OA/2Pg/rRykQ8GuQ4uy91j0kPXjxwHVa0W8NfSQ/q+l7UjI16nlILGZclsPsmI=
last-modified: Fri, 11 Dec 2020 10:24:48 GMT
server: cloudflare
etag: "29bfbe07e9356a61be0804fca2ccb6b9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607682287765
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7ab1527779a19bf4-FRA
x-robots-tag: all
x-amz-cf-id: ImzRCjsi3-2_OLlBz4uW_cXd8jg6L3LT27mb5PgxuRb40IbWNX_EuA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 Screenshot%202023-03-20%20at%2010.15.11%20AM.png
www.cardinalops.com/hubfs/ 209 KB
210 KB 854ms
853ms Image
image/png 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cardinalops.com/hubfs/Screenshot%202023-03-20%20at%2010.15.11%20AM.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a1d398c40c40226cf359dadeb451657a703c9d149375fb3bcd9f9e6b87914e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-107215787050,P-7289101,FLS-ALL
x-amz-request-id: VYE2FP94KG5N2RNJ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-107215787050,P-7289101,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "d2fc267fb4da7ad5a07d4765e829ad67"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679325593517
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Onj02_G0P9s28_B0_gXHbEaHKPHBsUWY
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-107215787050,P-7289101,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 213693
x-amz-id-2: TKOmYL09HteqJMIEItU9mEzfuwcKeIsLHAUF98pkIQDzNVi9vzDHNhVmzwgUVNrBvhZUfwU1dvg=
last-modified: Mon, 20 Mar 2023 15:55:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opHh9fPaAcinjcIVeQLKbeahEcSmkU46m8ZrUeXdkf8Pc%2Fc63e9i4QvMY5QCIM84y2t07RxYwXSAjhYxo6csUkferbsCF%2FoltOGPwZLyCGueYZO7fGNgQh0YJ0wIFsCHMQf6drhJNXH2JD1KkDU29RA%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7ab152776e3abbce-FRA
x-amz-cf-id: U8A9iPZLz9DqgOKMeBLWL0LlAC3vsEsBO535AbMLuZWmPU2MXkNtTQ==

GET
H3 200 icon-linkedin.svg
www.cardinalops.com/hubfs/ 899 B
2 KB 849ms
849ms Image
image/svg+xml 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cardinalops.com/hubfs/icon-linkedin.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1a08209eb7e6163e44d6702f327080e81bdf28c862dd4754a8f7d0b538a438e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-38462467075,P-7289101,FLS-ALL
x-amz-request-id: 3FKB7MSGB9G9Z9XS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38462467075,P-7289101,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"b31fa6e2e91c4e4256ac3795f57565a4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607355928696
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: k3qAjQGfWRL7Gej1Q1IfcIwFAvWmajxP
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38462467075,P-7289101,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Ksz8leaDhaRvt56kATG40SoF4Jzr4LHToBm2BmQNM4jQFZZcfFkyZZtVAoef8M/tbkyMRHiLC54=
last-modified: Mon, 07 Dec 2020 15:45:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V72Y6RzGu1P9ufHfq5jLSk%2BF8cEK%2BWhav21df%2Fa6PaUZITv9Us%2BFU47JmbCD2nYxSNhkxiT31DJsUZDrwbpA6fxDkPdKhF14vmOWgHjp95cM6cgOmVN9YOn31rVmlp2FbIflb77Y7b41Z6ON2TzbUMM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab152776e3bbbce-FRA
x-amz-cf-id: a65SxtKHM2mQo_n9T5YPBTdDICgghjzbTWTxdsodVaQJvk7GwkAu7w==

GET
H2 200 LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
fonts.gstatic.com/s/encodesans/v15/ 26 KB
26 KB 76ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesans/v15/LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Encode+Sans:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3d7689f053a455712c0ebc5109c88c84ec6c58d46b7eba82245db519becb719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cardinalops.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 22:02:51 GMT
x-content-type-options: nosniff
age: 260042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26256
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:26:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 22:02:51 GMT

GET
H3 200 json Show response
www.cardinalops.com/_hcms/forms/embed/v3/form/7289101/e932d4e4-8e73-4e43-9aee-45272120bf6c/ 10 KB
3 KB 422ms
422ms XHR
application/json 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/_hcms/forms/embed/v3/form/7289101/e932d4e4-8e73-4e43-9aee-45272120bf6c/json?hs_static_app=forms-embed&hs_static_app_version=1.2802&X-HubSpot-Static-App-Info=forms-embed-1.2802

Requested by

Host: www.cardinalops.com
URL: https://www.cardinalops.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa374c098b15cd4aa2683f8af52c70e2ca81bed3966b5c2dc3d27392919daf96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-origin-hublet: na1
date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 0788998f-edc0-447e-a4f2-e2290f629ccb
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B7015EEBB8E56B001D163089059C4C358403801DB000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tiepu%2F4Qd1ligTMjLW5doE7vyLQm1BC7PcEgPyebATaVGMS355vpZHYHTnx2B56THsqeZyit1VCRQnQ8rS%2F8bjBNCKeLnw3HCcAcIlWvLY0JnBnY3TYXO4qoQAaHKj1wltlWu3qAfr6aDCq3dhv89uM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 7ab152779e64bbce-FRA
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 45ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2a2ddd8852f369a88c32ce5c2a6a2d03c3b126b03c28fa89a4ebe4eb8255d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 22:16:53 GMT
content-md5: 4SM5qhSbg2HXr+pTVLCldA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1683
x-fb-rlafr: 0
x-fb-debug: kdSgv+rkR30HdV9aY0Dlzcici/QL7YiVbDV1ZNpXZwTuSuLYliV0tOuV1efnix+EJaRYx3XlbdF2hPfM9H6e9g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 970abcbc52077b4685d87cfd94c8bac8
cross-origin-opener-policy: same-origin-allow-popups
etag: "75e91ace4af956758fce519c8f8e6415"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 20 Mar 2023 22:21:13 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 75ms
8ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 22:16:53 GMT
Content-Encoding: gzip
Age: 1144
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67E0)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
748 B 213ms
186ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=7289101&callback=jsonpHandler

Requested by

Host: www.cardinalops.com
URL: https://www.cardinalops.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: 030ac4bb-d4dc-4fb4-97ba-9aab14c8d506
x-trace: 2B0CE136FDDC72129F93539BF26BB209FB6F5876AE000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 7ab15277ca98926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7ab15277ca98926e&resource=unknown"

GET
H2 200 public Show response
api-na1.hubapi.com/comments/v3/comments/thread/ 76 B
712 B 150ms
123ms Script
application/javascript 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-na1.hubapi.com/comments/v3/comments/thread/public?portalId=7289101&offset=0&limit=10000&contentId=107207374881&collectionId=38657700032&callback=jsonp_1679350613709_85085

Requested by

Host: www.cardinalops.com
URL: https://www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b0e834ac8dbaf78f462d1b02b0f66d0a5d5ec6f312e7f40548d0b6b77aa79bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: 0baa758d-b7b8-4076-a3c9-5fcda9212c07
x-trace: 2B161A04BFF2B41AC07652351BC98A3F0C69187945000000000000000000
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4uOs8KoPb1N0L1iLYDMcnk8Gg2rB2JKnZRKfpBlOjte96j%2F5bB9ZOqMGCGDtHXQobScQTyno5AoeFLPlQ46t6J1uMd%2BmhCK4qIWgmPM3qbDGnEoMKDum8hckaSwnYh1mgZg53gI86giFxBCOwxIsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
cf-ray: 7ab15277df7e91ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 postlisting Show response
www.cardinalops.com/_hcms/ 2 KB
1 KB 165ms
164ms XHR
application/json 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/_hcms/postlisting?blogId=38657700032&maxLinks=5&listingType=recent&orderByViews=false&hs-expires=1710861997&hs-version=2&hs-signature=AJ2IBuGf44PBYOWqVbC-ev26buAXnwC2hg&currentUrl=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar%3Futm_medium%3Demail%26_hsmi%3D251000918%26_hsenc%3Dp2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8%26utm_content%3D251000918%26utm_source%3Dhs_email

Requested by

Host: www.cardinalops.com
URL: https://www.cardinalops.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c43cebfdbff079eab0377a6781b6213d1f5a3e8220c0cdc3a9d6a28b73de64cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cf49973d-9552-4329-bbf3-fda410ab6ea1
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 20 Mar 2023 22:16:53 GMT
server: cloudflare
x-trace: 2B8EDE45F705360DAD9BF8577D43F06CE513531128000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocpmBEPnJre3Jvko%2B2vmmMsbXVzZlImTUhduPyN8qryp3gNEVDB5lqxdOEFH%2Fh1dXFd3FTSgFcBU8g57tValWPiWXXzmmngwUuDXIUS%2BF2fYcSxVJxeTYllg3V5Ew%2BmEKzX3VsuqmbooeZbVKvy4VBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-credentials: false
cf-ray: 7ab15277be93bbce-FRA
x-robots-tag: none

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
815 B 62ms
15ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Mar 2023 22:16:53 GMT
AN-X-Request-Uuid: 3a783890-f2d1-45b8-98bc-4b67b1fed3cb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cardinalops.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
205 B 10ms
7ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.cardinalops.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
318 B 72ms
7ms XHR
text/html 2a02:26f0:480:c::210:f194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:c::210:f194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c88b840f447f11dd645c51a5e9f381774f4c89becd41b0e094b005faac64b4b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 22:16:53 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.cardinalops.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2030:a004:1::4
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466486_34664532_548430610_11_512_6_0";dur=1
content-length: 23
expires: Mon, 20 Mar 2023 22:16:53 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 302 KB
85 KB 21ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=b75cb614d4ae19a1d6f5fde01ef0bb2b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525abb62c61a67f157855027a44a9076c967ee3cd1cda9049b6a8eaf3e66e1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Origin: https://www.cardinalops.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 22:16:53 GMT
content-md5: kQRpxOs0ARxqRMtaPpPS9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86942
x-fb-rlafr: 0
x-fb-debug: ittwigT4la8faQ1bXTDR/l/rQYPMPpgSLLkFh8NUbqszPXYZ3Gf8hD7F3OzePvbGBHmdsLKw643ZN5hHIjSBdg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: efb8d2b0c5064cdac40e52d81ef3b423
cross-origin-opener-policy: same-origin-allow-popups
etag: "ff1a4f42fe1634967b4a336d842d23f7"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Mar 2024 19:18:56 GMT

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
406 B 391ms
111ms XHR
application/json 54.242.17.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDkxOTF9.C49VZvZY9ppXVvNQ6BmNoWpJpMU45U7eI1EJQRTAMaE

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.242.17.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-17-147.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cardinalops.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: f27d98ccf3cbecc6bb1f3b586b15f17b

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/4U7EH3L46JBUBGMZEC4ZHM/ 38 B
772 B 22ms
21ms Script
application/javascript 2600:9000:2248:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/4U7EH3L46JBUBGMZEC4ZHM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/4U7EH3L46JBUBGMZEC4ZHM/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 07:47:13 GMT
X-Amz-Version-Id: _rADJwHa6rzv0xCT3tvshVkxtzfSTDo5
Via: 1.1 61beea9b7a54f47fca4ae4dea3f52fa2.cloudfront.net (CloudFront)
Age: 52181
X-Amz-Cf-Pop: MXP63-P3
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 38
Last-Modified: Thu, 02 Mar 2023 00:12:37 GMT
Server: AmazonS3
Etag: "f5a64db38c4218cefe3f9d7531faf9a1"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -7vQ_qvprXd1oXkaiMZvQ0DRg_9R_R5J6rgBrgHLQUb_DE4uDM7XXA==

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 5EAB 320 KB
104 KB 8ms
8ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.cardinalops.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 437047
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Mar 2023 22:16:53 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 219ms
211ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=aa99e53b3c42465dff5349057b94bb74&svisitor=null&visitor=6ada06b4-86d9-4795-85d2-2ed0c0284902&session=a25e7b44-18b0-4a6f-866d-ed996268aae7&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2020%20Mar%202023%2022%3A16%3A53%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2020%20Mar%202023%2022%3A16%3A53%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22aa99e53b3c42465dff5349057b94bb74%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2020%20Mar%202023%2022%3A16%3A53%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2020%20Mar%202023%2022%3A16%3A53%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Relevant%20MITRE%20techniques%20and%20detections%20for%20CVE-2023-23397%20including%20Splunk%20and%20IBM%20QRadar.%22%2C%22keywords%22%3A%22TCO%20Platform%20MITRE%20ATT%26CK%20Security%20Engineering%20Security%20Automation%20Threat%20Management%20Splunk%20SumoLogic%20and%20Qradar%22%2C%22title%22%3A%22Detecting%20Microsoft%20Outlook%20Vulnerability%20CVE-2023-23397%20in%20Splunk%20and%20IBM%20QRadar%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar%3Futm_medium%3Demail%26_hsmi%3D251000918%26_hsenc%3Dp2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8%26utm_content%3D251000918%26utm_source%3Dhs_email&pageViewId=4b2ea9e4-836a-46f1-8ba3-7de77c1c7f0f&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 5EAB 663 B
605 B 140ms
115ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=49b1f4632b48d67fec83f7c704e6e8721001294d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.cardinalops.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 107
date: Mon, 20 Mar 2023 22:16:53 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 20 Mar 2023 22:16:53 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: e480353f259da5e4
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 0b3af2db38c9c62d6744c12aa0958695c0ba7d032887b1782ae235c0ce510908
content-length: 284

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 198ms
198ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=aa99e53b3c42465dff5349057b94bb74&svisitor=null&visitor=6ada06b4-86d9-4795-85d2-2ed0c0284902&session=a25e7b44-18b0-4a6f-866d-ed996268aae7&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2030%3Aa004%3A1%3A%3A4%22%7D&isIframe=false&m=%7B%22description%22%3A%22Relevant%20MITRE%20techniques%20and%20detections%20for%20CVE-2023-23397%20including%20Splunk%20and%20IBM%20QRadar.%22%2C%22keywords%22%3A%22TCO%20Platform%20MITRE%20ATT%26CK%20Security%20Engineering%20Security%20Automation%20Threat%20Management%20Splunk%20SumoLogic%20and%20Qradar%22%2C%22title%22%3A%22Detecting%20Microsoft%20Outlook%20Vulnerability%20CVE-2023-23397%20in%20Splunk%20and%20IBM%20QRadar%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar%3Futm_medium%3Demail%26_hsmi%3D251000918%26_hsenc%3Dp2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8%26utm_content%3D251000918%26utm_source%3Dhs_email&pageViewId=4b2ea9e4-836a-46f1-8ba3-7de77c1c7f0f&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 4U7EH3L46JBUBGMZEC4ZHM Show response
d.adroll.com/consent/check/ 463 B
556 B 122ms
34ms Script
application/javascript 2a05:d018:cc3:fe04:8902:5bff:76db:b5d5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/4U7EH3L46JBUBGMZEC4ZHM?pv=93179629935.15425&arrfrr=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar%3Futm_medium%3Demail%26_hsmi%3D251000918%26_hsenc%3Dp2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8%26utm_content%3D251000918%26utm_source%3Dhs_email&_s=1537b0d81d7690c455c913c36348470e&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/4U7EH3L46JBUBGMZEC4ZHM/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:8902:5bff:76db:b5d5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e02c057c57c9a7bb15660d95ea63b572dd1353bf954fa0d3b6c2d5e01ebe64aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:53 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H2 200 /
tr.lfeeder.com/ 43 B
295 B 117ms
56ms Image
image/gif 18.66.196.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=YEgkB8lPvyM8ep3Z&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42MC4xIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5jYXJkaW5hbG9wcy5jb20vZW4vcmVzb3VyY2VzL2RldGVjdGluZy1taWNyb3NvZnQtb3V0bG9vay12dWxuZXJhYmlsaXR5LWN2ZS0yMDIzLTIzMzk3LXNwbHVuay1pYm0tcXJhZGFyP3V0bV9tZWRpdW09ZW1haWwmX2hzbWk9MjUxMDAwOTE4Jl9oc2VuYz1wMkFOcXR6LS14MHN6dzY4QWZIRlNRMFFJTE4tXzhieU5KTFdldF95U0tqNUZlZjlNYUFZdzFHUDJSWklDM0d3Q1plLXRReXdqOExvZ0JpU25iSG9hVUVEZWNjdlBKeXY5TW4xSUZZX2pCMWRhV1BuSVFfVEJlbEk4JnV0bV9jb250ZW50PTI1MTAwMDkxOCZ1dG1fc291cmNlPWhzX2VtYWlsIiwicGFnZVRpdGxlIjoiRGV0ZWN0aW5nIE1pY3Jvc29mdCBPdXRsb29rIFZ1bG5lcmFiaWxpdHkgQ1ZFLTIwMjMtMjMzOTcgaW4gU3BsdW5rIGFuZCBJQk0gUVJhZGFyIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI4ZWRkYzMyMWZjMzYyZmI3Iiwic2NyaXB0SWQiOiJZRWdrQjhsUHZ5TThlcDNaIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5mOGRjMzkwYmFlYTZiNDFlLjE2NzkzNTA2MTM5MDEiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.196.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-196-80.mxp63.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
via: 1.1 82a476a12dec0fbc7a41b159bd76cf6a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MXP63-P1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: q5_Y8o2DCGw1pdvJDZiZwGNWOEQkCeZA-9NT5biWNipvOWBA4xNAdw==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 37ms
18ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/hs/scriptloader/7289101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccaabd1f9aa371b58a46ba623deadf51680ab27109b399559724856bf925ec9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
x-amz-version-id: U0cNE4RbBA1fh8BSp1QKep.V2dqyarjX
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 314
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.338/bundles/pixels-release.js&cfRay=7ab14acf0c826977-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Mar 2023 06:22:14 UTC
server: cloudflare
etag: W/"afe2d57e0b6425d8d30346e51ffa1dfe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7ab15279ded89b43-FRA
x-amz-cf-id: ZPNkm8wnj0ZPMlEdSkTeG8AABTTI5TazrZPDLz7zfNyFVRpol4nXDw==
x-hs-target-asset: adsscriptloaderstatic/static-1.338/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 68 KB
25 KB 134ms
108ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/hs/scriptloader/7289101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c

Request headers

Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Origin: https://www.cardinalops.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
x-amz-version-id: UTgFLxzqgfPWpvgFow3DNbYx_N7FOQZ9
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.331/bundles/project.js&cfRay=7ab15279ec0b03d8-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Mar 2023 01:24:29 UTC
server: cloudflare
etag: W/"9656224f3534bbb83c23ef97671f6be1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7ab15279ec0b03d8-FRA
x-amz-cf-id: 5UZ38hqZK9DX5O8myq8zsMx5n0ya6PsWnRPh7UEf_-gP9FUNYIXbMg==
x-hs-target-asset: collected-forms-embed-js/static-1.331/bundles/project.js

GET
H2 200 7289101.js Show response
js.hs-analytics.net/analytics/1679350500000/ 65 KB
20 KB 152ms
133ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1679350500000/7289101.js
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/hs/scriptloader/7289101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 158ade5e60aba3a03799d7d141f424e7512f919df7010585c42c46cce5d029b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 09QTZ6CKSF8EXXPQ
x-amz-server-side-encryption: AES256
x-amz-id-2: glg5Wd/xwtiGdf4Tun59+E3yGERafb2DOQEckeqfly4TIapD3Mohf6xIF9GRwo5dcBe/9cy5GYs=
last-modified: Thu, 02 Mar 2023 23:21:52 GMT
server: cloudflare
etag: W/"2feaa2e19e121a523897fa0ff15e3e2b"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7ab15279d8f59054-FRA
expires: Mon, 20 Mar 2023 22:21:54 GMT

GET
H2 200 7289101.js Show response
js.hs-banner.com/ 60 KB
16 KB 139ms
120ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7289101.js
Requested by: Host: www.cardinalops.com
URL: https://www.cardinalops.com/hs/scriptloader/7289101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95678677b574e4ae0066614363cfba3992436c44998e3a4cdad9913ede16f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
x-amz-version-id: SiUFXhdU7sarIKTT5Ls8Q.2.HieEGR.W
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 7QW59P24ZZY3AATF
x-amz-server-side-encryption: AES256
x-amz-id-2: hR9zk9wnzlP76t4+ccki0Fd5w0lkljXc7xH48aAy2+97frzy1a18FrMLx676mfQese678NfKu68=
last-modified: Tue, 29 Nov 2022 14:43:21 GMT
server: cloudflare
etag: W/"71c00d67b942a328c73702c76d708933"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.cardinalops.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7ab15279d9d1912b-FRA
expires: Mon, 20 Mar 2023 22:21:54 GMT

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
667 B 157ms
130ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 22:16:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 26220da5-24ab-4ad8-85db-244d19c5178a
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35
Server: cloudflare
X-Trace: 2B862A6B8D6AF739B6393C15752CF5325CE65B3862000000000000000000
Vary: origin
Content-Type: image/gif
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7ab1527a78c230c3-FRA

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
960 B 65ms
24ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_59863ae6_1999_4c44_9fbe_c0d2857fa29a&render=explicit&hl=en

Requested by

Host: www.cardinalops.com
URL: https://www.cardinalops.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f84ce364a96677f3401ff0c6bdaee74f45233669ad1fa1210a837b4ca081c8a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 640
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 22:16:54 GMT

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
513 B 113ms
112ms XHR
application/json 54.242.17.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.242.17.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-17-147.compute-1.amazonaws.com

Software

Resource Hash

fa43985a720ce68710821202034223dca28aaf710e0acf3c43abaafe0051527c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cardinalops.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: eefa8a0f2325345eaf87979a4d5917d4

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
667 B 157ms
126ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 22:16:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: b47b3e51-3849-497b-8a0c-f5eebbcd5747
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35
Server: cloudflare
X-Trace: 2B2DF9350BEB8AA15EC98A99FF8C7C1965188BE201000000000000000000
Vary: origin
Content-Type: image/gif
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7ab1527aaf43362d-FRA

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
382 B 122ms
114ms XHR
application/json 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=7289101&utk=
Requested by: Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5c612a27c4b1e0c3156003f4275f1f1b3d9d4864101c9ef46c1039aeaf5d7b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 34312832-f440-4764-9a75-2ade5f659220
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cardinalops.com
cache-control: max-age=0
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7ab1527afd3203d8-FRA

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ 404 KB
161 KB 132ms
16ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_59863ae6_1999_4c44_9fbe_c0d2857fa29a&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9d91ff5b9a775b5ce8c6c81e51e71c27194d11ac8690353727d23c91f7b317c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Origin: https://www.cardinalops.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 17:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164678
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 17:02:01 GMT

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
85 B 123ms
122ms XHR
text/plain 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/7289101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 2523a456-0689-4597-af18-c8d73fe7c54c
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.cardinalops.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7ab1527d7d3c2c6b-FRA

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 400ms
384ms Preflight
application/octet-stream 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cardinalops.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.cardinalops.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7ab1527b1abf2c6b-FRA
content-length: 0
content-type: application/octet-stream
date: Mon, 20 Mar 2023 22:16:54 GMT
server: cloudflare
timing-allow-origin: *
vary: origin

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
393 B 128ms
113ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: f44262f2-0354-430f-a202-4f1456e09de7
x-trace: 2B2C64A0E379808DF3A5E0D6F4A8F5F37F2613A13B000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7ab1527bdea79bfa-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 2BC8 48 KB
26 KB 45ms
43ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuY2FyZGluYWxvcHMuY29tOjQ0Mw..&hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&badge=inline&cb=21331iv07zkm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98706044e35158a96cc1a6448ab3f2d032ae436e54645f35fc87a4993248ecc6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aAA6VCxmOUCEQYZmLXEvhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26485
content-security-policy: script-src 'report-sample' 'nonce-aAA6VCxmOUCEQYZmLXEvhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 22:16:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 2BC8 55 KB
24 KB 49ms
19ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuY2FyZGluYWxvcHMuY29tOjQ0Mw..&hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&badge=inline&cb=21331iv07zkm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 17:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 17:02:15 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 2BC8 404 KB
161 KB 56ms
26ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9d91ff5b9a775b5ce8c6c81e51e71c27194d11ac8690353727d23c91f7b317c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 17:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164678
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 17:02:01 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 2BC8 102 B
132 B 23ms
22ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fdd793c6b9c084150c7577c83ddd7bdb6f38b1e5b1f036418f20d6d080b42a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuY2FyZGluYWxvcHMuY29tOjQ0Mw..&hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&size=invisible&badge=inline&cb=21331iv07zkm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 22:16:54 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
354 B 125ms
125ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=7289101&pi=107207374881&ct=blog-post&ccu=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar&cpi=107207374881&cgi=38657700032&lpi=107207374881&lvi=107207374881&lvc=en&pu=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar%3Futm_medium%3Demail%26_hsmi%3D251000918%26_hsenc%3Dp2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8%26utm_content%3D251000918%26utm_source%3Dhs_email&t=Detecting+Microsoft+Outlook+Vulnerability+CVE-2023-23397+in+Splunk+and+IBM+QRadar&cts=1679350614753&vi=1165914497de9ed72a87c531dd60f182&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: de0c9e67-251a-4ed7-976c-903f02bd2ae3
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY8R3HIFgnFWV6gxRTH4t8is5yi5tqL9FhZvXrhuxOsTpNxaZDsezdvgZ40RMlO42rG1whSCTrUVPxIjBknSA2WEb3xq8Pi6l%2BEjrKlVD2tvaHWZEcPkqlbVy739CjmJPzHiGQZ3b8n19L79Kr9V"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab1527e3fe6926e-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
352 B 129ms
128ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=e932d4e4-8e73-4e43-9aee-45272120bf6c&fci=59863ae6-1999-4c44-9fbe-c0d2857fa29a&ft=4&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=7289101&pi=107207374881&ct=blog-post&ccu=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar&cpi=107207374881&cgi=38657700032&lpi=107207374881&lvi=107207374881&lvc=en&pu=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar%3Futm_medium%3Demail%26_hsmi%3D251000918%26_hsenc%3Dp2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8%26utm_content%3D251000918%26utm_source%3Dhs_email&t=Detecting+Microsoft+Outlook+Vulnerability+CVE-2023-23397+in+Splunk+and+IBM+QRadar&cts=1679350614754&vi=1165914497de9ed72a87c531dd60f182&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: eb52a227-40be-43ee-a9d4-24fa5349b7d1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9JL2ioLHOZHTs4DBjJVS9RdChTeI2tjTPSJDXWAf28UDztXqpI%2F3P2xtDBupdJkyU8Pnk1f1Y5ohuzy6p6x1TrSNpnRjgttPaG9kWbCAmemQJvcp44L3LnJ31r8TtjBf6zJ7hZgS53qxdfENke8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab1527e4fed926e-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
527 B 118ms
118ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=e932d4e4-8e73-4e43-9aee-45272120bf6c&fci=59863ae6-1999-4c44-9fbe-c0d2857fa29a&ft=4&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=7289101&pi=107207374881&ct=blog-post&ccu=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar&cpi=107207374881&cgi=38657700032&lpi=107207374881&lvi=107207374881&lvc=en&pu=https%3A%2F%2Fwww.cardinalops.com%2Fen%2Fresources%2Fdetecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar%3Futm_medium%3Demail%26_hsmi%3D251000918%26_hsenc%3Dp2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8%26utm_content%3D251000918%26utm_source%3Dhs_email&t=Detecting+Microsoft+Outlook+Vulnerability+CVE-2023-23397+in+Splunk+and+IBM+QRadar&cts=1679350614754&vi=1165914497de9ed72a87c531dd60f182&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 52c056fe-3c44-4c28-abfb-158d023c9c30
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qbss9tmECbr4xnjNMaFXLyESUGSqNcPoGPwTzff%2FLcY0qGV7SzLBDjFPWSFHuSPJrbIKYlxW%2BwTQDGqNgh7usIyyFLo7x7LbF90R7Ueu%2FcPLGRQ0WO2XkFtpncc6uOSndu%2FR%2BbxzaVpatOHQl4Os"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab1527e4fef926e-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 195ms
194ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:54 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame FCD8 7 KB
1 KB 25ms
25ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58b98b4bccc9364ffbea8221b639f5ca7cbfcec80edbd0151c8db1b5b70d9c85

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-plztQms3wNE4jewDCLB1sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-plztQms3wNE4jewDCLB1sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 22:16:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame FCD8 55 KB
24 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 17:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 17:02:15 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame FCD8 404 KB
161 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9d91ff5b9a775b5ce8c6c81e51e71c27194d11ac8690353727d23c91f7b317c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 17:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164678
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 17:02:01 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame FCD8 41 KB
25 KB 51ms
51ms XHR
application/json 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efd8737b1303863b4e0614ac09f2edc6ac776c5087bb0146d81fd80fdb95169a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 20 Mar 2023 22:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25651
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 22:16:55 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame FCD8 600 B
624 B 15ms
14ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 22:42:01 GMT
x-content-type-options: nosniff
age: 344094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Mar 2023 22:42:01 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame FCD8 530 B
554 B 16ms
14ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 22:56:53 GMT
x-content-type-options: nosniff
age: 343202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Mar 2023 22:56:53 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame FCD8 665 B
689 B 16ms
14ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 15:20:06 GMT
x-content-type-options: nosniff
age: 457009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 22 Mar 2023 15:20:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FCD8 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 15:27:04 GMT
x-content-type-options: nosniff
age: 370191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 15:27:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FCD8 15 KB
15 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 07:57:55 GMT
x-content-type-options: nosniff
age: 137940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Mar 2024 07:57:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FCD8 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 445691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 18:28:44 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame FCD8 28 KB
28 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AFY_a8UrCbBWgbgvUfWZkH9cmTky51qUthAAb6tGRJDdGGclWOJGiqYYmH4LrHIGoqrNRHvezsJC-bZxxzm-B5HF1KlCNRhCpnYOyOzZ9lsOTVRdcm54o_wWEIwkqw5MMOK6C2GbhnksIsLw816aQV8_xkDXN0sOpp9mTTPJ9cJtyAJ9KUhbjhydH2Tdw8rIjSwkAgLgWm2xsMVPAQg9pnll8zcZo7KaGA&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9e097c7461225e311ea620bcf883269ad8142d9c87c62b89c4f7f6cd2d70d9f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28744
x-xss-protection: 1; mode=block
expires: Mon, 20 Mar 2023 22:16:55 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 216ms
215ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:55 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 203ms
203ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:56 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 200 perf Show response
www.cardinalops.com/_hcms/ 2 B
600 B 473ms
473ms XHR
text/plain 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cardinalops.com/_hcms/perf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 20 Mar 2023 22:16:58 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ca6590ad-17f9-47da-8180-fb91b0c7353b
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
server: cloudflare
x-trace: 2B30D4E5837BFB4D0AE1ED2694E8B93066E3106060000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JY7a8t4mdes%2FQrschbXy%2B60E%2BWURel6cGNrluDqXj7stuKoWxUHgiIcDqvv0k%2BTlpI24NkjgYw81Ea4B4nt1uwEo1xV6xA5qazIbF25yFVSlY9zFO0hsOvIUIwyJNlvS35naS3IphQwDxcvlI%2FkYk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
cf-ray: 7ab15290ff86bbce-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 205ms
204ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:57 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 196ms
195ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cardinalops.com/en/resources/detecting-microsoft-outlook-vulnerability-cve-2023-23397-splunk-ibm-qradar?utm_medium=email&_hsmi=251000918&_hsenc=p2ANqtz--x0szw68AfHFSQ0QILN-_8byNJLWet_ySKj5Fef9MaAYw1GP2RZIC3GwCZe-tQywj8LogBiSnbHoaUEDeccvPJyv9Mn1IFY_jB1daWPnIQ_TBelI8&utm_content=251000918&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:16:58 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 14:48:22	Name: _GRECAPTCHA Value: 09AO5OVO_oIqBCkAsnc4WluyXMzn9-PmSQs4C1hhrX0iCmnvyFxTM5wXyIKsAy7gHXncN8goUQgvFhTEVlLIcKHHk
.www.cardinalops.com/	1970-01-20 10:29:12	Name: __cf_bm Value: x2gp.RreoyvcVXkjwJhSyuiA6FhR5drx7PKC07zQTLQ-1679350612-0-Aa1V8irnNxbQytQ3Nz62wFgxvnzAhhJaigESdtXvo+2SHG98L0TwytYOg6Fs4uF38cSLyny94KqWCCHnWog6wdI=
.www.cardinalops.com/	1969-12-31 23:59:59	Name: __cfruid Value: 05835bb7c6757d726d6f7a3f914ffbb7f3b6f3d9-1679350612
www.cardinalops.com/	1970-01-20 10:39:15	Name: _an_uid Value: 0
www.cardinalops.com/	1970-01-20 20:05:10	Name: _gd_visitor Value: 6ada06b4-86d9-4795-85d2-2ed0c0284902
www.cardinalops.com/	1970-01-20 10:29:25	Name: _gd_session Value: a25e7b44-18b0-4a6f-866d-ed996268aae7
.ws.zoominfo.com/	1970-01-20 19:14:46	Name: visitorId Value: 6840d94930b590febc24147cee1407f6321b10ed6d611da1be40b450bdb6b934
.zoominfo.com/	1970-01-20 10:29:12	Name: __cf_bm Value: PBwqXDh3fVvFiQuA9Gou80PNxq9iROd4FHl3J1jw8yo-1679350613-0-AZMZ28tkfpteGArhHUkdW8gKJhpLkc7ZxU1v0UUHaoiSy+8UAoD5vdztUjKt4G7y9/C9TPUj9AwCOydV/xF3eFE=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 2yCsMXEOEclb1vcnuOWU8LNUDTaEJKPWj.s1BwAwYR0-1679350613866-0-604800000
.cardinalops.com/	1970-01-20 20:05:10	Name: _lfa Value: LF1.1.f8dc390baea6b41e.1679350613901
.hubspot.com/	1970-01-20 10:29:12	Name: __cf_bm Value: 2LCCRVOIPJEPiCYbtaXzYtWsnopHAn3xLB8i4YsJ1ps-1679350613-0-AWgVdMI+mHcabrHWZLYZ8hdd+yBZVjA5amrxrIsB8dZn3ENNHlcg6M3ZjUfzk1qN8FjLjnFfUcHMd6Lt93cPis8=
.6sc.co/	1970-01-20 20:05:10	Name: 6suuid Value: aad01702563d000056db18641c000000cafe3c00
www.cardinalops.com/	1970-01-20 10:39:15	Name: slireg Value: https://scout.us4.salesloft.com
www.cardinalops.com/	1970-01-20 19:14:46	Name: sliguid Value: cdc4ca8c-23fd-41c2-b7d6-b5f9e25901d8
www.cardinalops.com/	1970-01-20 19:14:46	Name: slirequested Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

203881.fs1.hubspotusercontent-na1.net
7289101.fs1.hubspotusercontent-na1.net
api-na1.hubapi.com
app.hubspot.com
b.6sc.co
c.6sc.co
cdn2.hubspot.net
cdnjs.cloudflare.com
connect.facebook.net
cthjm04.na1.hubspotlinks.com
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
platform.linkedin.com
platform.twitter.com
s.adroll.com
sc.lfeeder.com
scout-cdn.salesloft.com
scout.salesloft.com
secure.adnxs.com
syndication.twitter.com
tr.lfeeder.com
track.hubspot.com
ws.zoominfo.com
www.cardinalops.com
www.google.com
www.gstatic.com
104.244.42.200
18.66.196.80
185.89.210.180
2600:9000:215b:9000:1f:f723:6fc0:93a1
2600:9000:2248:4800:6:9280:1080:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:2c40::c73c:671e
2606:4700:4400::6812:25d3
2606:4700:4400::ac40:9a55
2606:4700:4400::ac40:9ad8
2606:4700::6810:5505
2606:4700::6810:5705
2606:4700::6810:650c
2606:4700::6811:180e
2606:4700::6811:44b0
2606:4700::6811:71b0
2606:4700::6811:83ab
2606:4700::6811:cccc
2606:4700::6811:f0cc
2606:4700::6812:de5a
2606:4700::6813:9b53
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:813::200a
2a02:26f0:3500:16::215:149b
2a02:26f0:480:c::210:f194
2a03:2880:f01c:8012:face:b00c:0:3
2a05:d018:cc3:fe04:8902:5bff:76db:b5d5
54.242.17.147
95.101.111.170
0401f0469b6626eea5e1b982a79d8820ce4685af12b2a5174c4723af05212455
043cfebfa4ec302e0368eadbae54853a5b6caff633b3d1e02a32f2cd2f71e1fd
0498b01282b4876d7d7f5502d62ea3764ec0039db75f1d5acd33acae2c63a040
0889191f0926e9ff6d0b3361134127f61215e494780640fe24052f7c67e4a515
0d9dbf31d05263a24eb79aaf7c6e26917c6ccd31b642bb4a1d34292e25daa405
158ade5e60aba3a03799d7d141f424e7512f919df7010585c42c46cce5d029b3
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3d819896f9525403a02aa283534db0b35227f1d0a690568b9bce83b70cfdbe1e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
41a1d398c40c40226cf359dadeb451657a703c9d149375fb3bcd9f9e6b87914e
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4fdd793c6b9c084150c7577c83ddd7bdb6f38b1e5b1f036418f20d6d080b42a5
4fdfa5dc5c087f197a885da4869600323c85ed4227d765a1cb81fdde5ee61eb7
525abb62c61a67f157855027a44a9076c967ee3cd1cda9049b6a8eaf3e66e1ba
5322b28c9b246ed04af84842869d9e3c5137259e758f0a0260ad57a9ad090216
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58b98b4bccc9364ffbea8221b639f5ca7cbfcec80edbd0151c8db1b5b70d9c85
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
627c6c6d415c58167309608c305b2d84f1007f865fec6f8576b61c0342345b46
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0e834ac8dbaf78f462d1b02b0f66d0a5d5ec6f312e7f40548d0b6b77aa79bb
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
78bf574ab08e486536edf0d68a5b2cad93e9dcad0345e255e3428c51b6fc409e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e5c612a27c4b1e0c3156003f4275f1f1b3d9d4864101c9ef46c1039aeaf5d7b
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98706044e35158a96cc1a6448ab3f2d032ae436e54645f35fc87a4993248ecc6
9a21dd1482b39f53208d768481230524b82fc600b8090919964b9aedcd38b642
a1a08209eb7e6163e44d6702f327080e81bdf28c862dd4754a8f7d0b538a438e
a3d7689f053a455712c0ebc5109c88c84ec6c58d46b7eba82245db519becb719
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a2ddd8852f369a88c32ce5c2a6a2d03c3b126b03c28fa89a4ebe4eb8255d31
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c
bb862724b9ac47477b69fde6c916b0f4bbf234cc10ba46feb2d5b33da33d6308
c2954c5d54a0dbe2847c0d06d59c08d2f6e919bc944f24d825c946251d05770d
c43cebfdbff079eab0377a6781b6213d1f5a3e8220c0cdc3a9d6a28b73de64cb
c4a9207d77e55213442f3540d2fbd16daf168e4c736b2a84fe8601ba11495374
c88b840f447f11dd645c51a5e9f381774f4c89becd41b0e094b005faac64b4b8
c8f7aae7a572a8f023d5ea8237579380e136f9d4f6dd31abe1fb8f91c67f8bd1
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c95678677b574e4ae0066614363cfba3992436c44998e3a4cdad9913ede16f56
ccaabd1f9aa371b58a46ba623deadf51680ab27109b399559724856bf925ec9d
d2a4ad68dd2204384720e168ac5b439d77ec69a42c0469f32a38f268f9595936
d9d91ff5b9a775b5ce8c6c81e51e71c27194d11ac8690353727d23c91f7b317c
db6b2380d521be1ad8ae8659b8baafd2becdc75b4051b343800ad8ed183d4823
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e02c057c57c9a7bb15660d95ea63b572dd1353bf954fa0d3b6c2d5e01ebe64aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7
ec5f7597c123181788fd043c205d990937daab3c1565e7df4ba16d47f030c160
ed92c951c39983af4f5fac78a5bab4c390b3faf7c46e2a35256ee38f5443ffa2
efd8737b1303863b4e0614ac09f2edc6ac776c5087bb0146d81fd80fdb95169a
f84ce364a96677f3401ff0c6bdaee74f45233669ad1fa1210a837b4ca081c8a4
f9e097c7461225e311ea620bcf883269ad8142d9c87c62b89c4f7f6cd2d70d9f
fa374c098b15cd4aa2683f8af52c70e2ca81bed3966b5c2dc3d27392919daf96
fa43985a720ce68710821202034223dca28aaf710e0acf3c43abaafe0051527c
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.cardinalops.com Open in urlscan Pro 2606:2c40::c73c:671e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

84 %IPv6

24 Domains

36 Subdomains

31 IPs

3 Countries

1927 kBTransfer

4446 kBSize

15 Cookies

24 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cardinalops.com Open in urlscan Pro
2606:2c40::c73c:671e Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

84 %
IPv6

24
Domains

36
Subdomains

31
IPs

3
Countries

1927 kB
Transfer

4446 kB
Size

15
Cookies

87 HTTP transactions
0 data transactions